Page 1 of 4 123 ... LastLast
Results 1 to 10 of 36

Thread: I've been hacked.

  1. #1
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    12

    Default I've been hacked.

    Before I will try to learn more about BackTrack, I want to know some more.

    I have used my wifi for some years now but in november i got hacked. I had a weak password and changed it to a 63 digit phrase with all possible characters. I also changed the password to the router with a 20 digit phrase. But I have ones been hacked. I have my router connected days and nights. So the intruder had 4 months to break trough. I GUESS that I have been hacked. I saw a message from the firewall that 192.168.0.5 has connected. No one in my system has this. I run Mandriva 2010.1 in dual-boot from a stationary computer. And then I have two other laptops with wifi connection. This last time there was only the stationary connected and it had 192.168.0.4. I then shut down the computer and saw that the lamps on the router still was blinking. There was some traffic going on.

    So first of all dear friends, is there possible to break through my WPA2 with 63 digits even if the intruder use BackTrack?

    At last, can I do more? Start learning BackTrack to make a safer Wifi? Could it be safer?

  2. #2
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: I've been hacked.

    Is WPS enabled? More details on it: http://sviehb.files.wordpress.com/20...hboeck_wps.pdf
    Have you...g0tmi1k?

  3. #3
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    12

    Default Re: I've been hacked.

    Quote Originally Posted by g0tmi1k View Post
    Is WPS enabled? More details on it: http://sviehb.files.wordpress.com/20...hboeck_wps.pdf
    I have no clue. I don't know anything about that and I have tried to search the router without success.
    My router is a Netgear DG834PN

  4. #4
    Just burned his ISO
    Join Date
    May 2011
    Location
    Internet
    Posts
    7

    Default Re: I've been hacked.

    Disable WPS as g0tmi1k allready suggested, there are now tools available to crack that can open pretty easily!
    Are you sure you dont have phone or anything using wireless also? Ive seen few ppl forgotting they have their phone/iPod or something using wireless and thinking someone is using their WLAN when all their computers are off.

  5. #5
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    12

    Default Re: I've been hacked.

    Quote Originally Posted by byteTemplar View Post
    Disable WPS as g0tmi1k allready suggested, there are now tools available to crack that can open pretty easily!
    Are you sure you dont have phone or anything using wireless also? Ive seen few ppl forgotting they have their phone/iPod or something using wireless and thinking someone is using their WLAN when all their computers are off.
    Sorry for that, I did have an alarm connected to the router, sorry I forgot that. So it could be the alarm using the connection?

    Do you really think that I am safe with my 63 digit character even without WPS? Or should I buy a new modem/router with WPS?

  6. #6
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    1

    Default Re: I've been hacked.

    After skimming the manual, it appears there is no WPS in it (I could have missed it, but didn't see it skimming or searching) So I'd opt for byteTemplar's idea of overlooked device.

    Check the MAC address.
    My router (also a netgear) will hold onto a DHCP IP for a little while after its been disconnected and doll out a new one when asked for a new lease/device.

  7. #7
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    2

    Default Re: I've been hacked.

    Have you tried to disable your BSSID as well?
    I would change you password first, then disable the BSSID.

  8. #8
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    12

    Default Re: I've been hacked.

    I have found that I can set up each other computers with their MAC address in an accept list.
    Hope this could be good enough.

    If I disable the MAC address in the router, I could no more access with my cellphone.

  9. #9
    Member
    Join Date
    Jan 2011
    Posts
    63

    Default Re: I've been hacked.

    Quote Originally Posted by effect View Post
    Have you tried to disable your BSSID as well?
    I would change you password first, then disable the BSSID.
    I think you mean to disable the broadcasting of the BSSID. This is a decent technique to keep the neighborhood kids out, but Airodump-ng will usually still figure out the SSID in a reasonably short amount of time even with broadcasting "disabled". I'd say with WPA2 enabled with a 63 character key, nobody is going to be getting into that router anytime soon.

  10. #10
    Member shadowzero's Avatar
    Join Date
    Jun 2011
    Location
    ${HOME}
    Posts
    94

    Default Re: I've been hacked.

    WPA2 can be cracked even with WPS disabled. Just a matter of luck, patience, and resources. There are sites out there where you can submit a captured 4-way handshake and for under $20, they'll try to crack they key (see https://www.wpacracker.com/)

    As Reamer already mentioned, hiding the SSID doesn't do anything for someone who's familiar with wifi attacks. MAC filtering helps a little but again, relatively easy to discover whitelisted MAC addresses and to spoof them so don't be led into a false sense of security if you have it turned on.

    Some wireless routers have some serious security flaws that can allow an attacker to take control of it, even bypassing the authentication screen. I would check to see if your router has any security vulnerabilities (Google it) and update the firmware. If you have the option, consider switching to third party firmware like Tomato or DDWRT which are constantly being developed. A lot of companies will stop supporting old routers and so they'll forever be vulnerable to new attacks that come out.

    The other thing is, maybe you forgot that there's another legit device accessing your network? Maybe a wireless printer, Xbox, Playstation 3, smartphone, etc... you also mentioned that the lights on the router were still blinking even after you turned off all your machines? The router is still connected to the internet so it will continue to send and receive data from your ISP. However, the internet light should be the only one flickering.

Page 1 of 4 123 ... LastLast

Similar Threads

  1. 100.000 IVS and still not hacked!!!
    By hakermania in forum OLD Wireless
    Replies: 8
    Last Post: 03-06-2010, 01:41 PM
  2. What would you do if you got hacked?
    By Andy_R in forum OLD Newbie Area
    Replies: 26
    Last Post: 10-30-2008, 09:00 PM
  3. i've been 'hacked'
    By elninio in forum OLD General IT Discussion
    Replies: 14
    Last Post: 09-30-2008, 08:53 PM
  4. I was hacked :(
    By Dissident85 in forum OLD General IT Discussion
    Replies: 10
    Last Post: 07-29-2008, 06:45 AM
  5. im being hacked!!! help!!!
    By creatureofdk in forum OLD Newbie Area
    Replies: 7
    Last Post: 05-02-2007, 04:47 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •